Cydia performs dynamic hooking, and patches the function in the runtime. In theory app's signature should be intact (I have never come across this scenario in practice, so might be wrong). Generally, application implement additional checks for function hooking and dynamic library injections to prevent such attacks.